US10817612B2 - Information processing device, information processing method, and electronic apparatus - Google Patents

Info

Publication number
US10817612B2
Authority
US
United States
Prior art keywords
data
memory
event
information processing
information processor
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US15/309,305
Other versions
US20170154186A1 (en)
Inventor
Masaki Wakabayashi
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sony Semiconductor Solutions Corp
Original Assignee
Sony Semiconductor Solutions Corp
Application filed by Sony Semiconductor Solutions Corp
Assigned to SONY CORPORATION: assignment of assignors interest (see document for details). Assignors: WAKABAYASHI, MASAKI
Publication of US20170154186A1
Assigned to SONY SEMICONDUCTOR SOLUTIONS CORPORATION: assignment of assignors interest (see document for details). Assignors: SONY CORPORATION
Application granted
Publication of US10817612B2

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575 Secure boot
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • G06F9/4406 Loading of operating system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135 Metering

Definitions

  • the present disclosure relates to an information processing device that processes information including secret information, an information processing method, and an electronic apparatus including such an information processing device.
  • Electronic apparatuses often store secret information such as identification information specific to the apparatuses and key data.
  • the electronic apparatuses each perform various kinds of processing with use of the secret information.
  • Patent Literature 1 discloses an encoder that is configured to prevent an encryption key from being outputted into a data bus, thereby improving security.
  • Patent Literature 2 discloses a storage device that prevents unauthorized rewriting and erasure of information in a memory cell.
  • Patent Literature 3 discloses an EEPROM (Electrically Erasable Programmable Read-Only Memory) that is configured to restrict data writing by hardware, thereby improving security.
  • Patent Literature 4 discloses a PROM (Programmable Read-Only Memory) that restricts writing to the PROM by a jumper, thereby improving security.
  • Patent Literature 1 Japanese Unexamined Patent Application Publication No. 2002-149493
  • Patent Literature 2 Japanese Unexamined Patent Application Publication No. 2001-283594
  • Patent Literature 3 Japanese Unexamined Patent Application Publication No. H5-266681
  • Patent Literature 4 Japanese Unexamined Patent Application Publication No. H5-250267
  • An information processing device includes a first storage section, an operation section, a second storage section, and an information processor.
  • the first storage section is for reading only, and stores first data beforehand, and restricts reading of the first data after a first event.
  • the operation section performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used.
  • the second storage section is readable and writeable, and includes a plurality of storage regions for each of which access conditions are set. The second storage section restricts change of the access conditions after a third event.
  • the information processor controls the first storage section, the operation section, and the second storage section to perform information processing.
  • An information processing method includes: restricting reading of first data by a first storage section for reading only after a first event; restricting, by an operation section after a second event, change of key data to be used, the operation section that performs one or both of encoding and decoding with use of the key data; and restricting change of access conditions by a second storage section after a third event, the second storage section being readable and writable, and the access conditions being set for each of a plurality of storage regions.
  • An electronic apparatus includes the foregoing information processing device, and may correspond to, for example, but not limited to, a smartphone, an electronic book, a PDA (Personal Digital Assistant), a HDD (Hard Disk Drive) player, a HDD recorder, players and recorders of various kinds of disks, a content delivery system, and a game machine.
  • the first storage section stores the first data beforehand
  • the operation section performs one or both of encoding and decoding with use of the key data
  • reading and writing of data are performed on the second storage section.
  • reading of the first data is restricted after the first event
  • change of the key data to be used is restricted after the second event.
  • change of the access conditions is restricted.
  • According to the information processing device, the information processing method, and the electronic apparatus of the embodiments of the present disclosure, in the first storage section, reading of the first data is restricted after the first event; in the operation section, change of the key data to be used is restricted after the second event; and in the second storage section, change of the access conditions is restricted. This makes it possible to enhance security. Note that effects described here are non-limiting. Effects achieved by the technology may be one or more of effects described in the present disclosure.
  • FIG. 1 is a block diagram illustrating a configuration example of an information processing device according to an embodiment of the present disclosure.
  • FIG. 2 is a timing chart illustrating an operation example of the information processing device illustrated in FIG. 1 .
  • FIG. 3 is a flow chart illustrating an operation example of a ROM illustrated in FIG. 1 .
  • FIG. 4 is a flow chart illustrating an operation example of a decoder illustrated in FIG. 1 .
  • FIG. 5 is a flow chart illustrating an operation example of a RAM illustrated in FIG. 1 .
  • FIG. 6 is a flow chart illustrating an operation example of the information processing device illustrated in FIG. 1 .
  • FIG. 7 is a flow chart illustrating an operation example of a ROM according to a modification example.
  • FIG. 8 is a flow chart illustrating an operation example of a decoder according to a modification example.
  • FIG. 9 is a flow chart illustrating an operation example of a RAM according to a modification example.
  • FIG. 10 is a perspective view of an appearance configuration of a smartphone to which the information processing device according to the embodiment is applied.
  • FIG. 1 illustrates a configuration example of an information processing device according to an embodiment. It is to be noted that an information processing method and an electronic apparatus according to embodiments of the present disclosure may be embodied by the present embodiment, and description thereof is therefore given together.
  • the information processing device 1 includes a flash ROM (Read-Only Memory) 50 and an information processing chip 10 .
  • the flash ROM 50 stores a program that is executed by the information processing device 1 . More specifically, the flash ROM 50 stores a boot loader BL, an operating system OS, and application software AP.
  • the boot loader BL is a program that is first executed after the information processing device 1 is powered up, and activates the operating system OS after creating an execution environment of the operating system OS.
  • the operating system OS is so-called basic software, and controls operations of respective blocks of the information processing device 1 .
  • the operating system OS is encoded and stored in the flash ROM 50 . In other words, in this example, the operating system OS is encoded to reduce a risk of changing data of the operating system OS by a malicious third party.
  • the application software AP operates together with the operating system OS to attain a specific function.
  • FIG. 2 schematically illustrates an operation example of the information processing device 1 .
  • After the information processing device 1 is powered up, first, the information processing device 1 reads the boot loader BL from the flash ROM 50, and executes the boot loader BL in a boot period P 1. Subsequently, the information processing device 1 reads the encoded operating system OS from the flash ROM 50, and decodes the operating system OS, and thereafter activates the operating system OS. Thereafter, the information processing device 1 reads the application software AP from the flash ROM 50 in response to an instruction from a user, and activates the application software AP.
  • the information processing chip 10 includes an information processor 11 , a ROM 20 , a decoder 30 , a RAM (Random Access Memory) 40 , an interface 12 , and a network interface 13 .
  • the information processing chip 10 may be, but not limited to, one chip configured of these blocks. It is to be noted that the information processing chip 10 is not limited thereto. Alternatively, for example, chips each configured of corresponding one of the blocks may be disposed on a substrate.
  • the information processor 11 is a so-called processor, and executes a program (such as the boot loader BL, the operating system OS, and the application software AP) to process information.
  • the information processor 11 is coupled to a bus 14 , and makes it possible to control other blocks through the bus 14 .
  • the ROM 20 is a read-only storage device.
  • the ROM 20 is coupled to the bus 14 , and is controlled by the information processor 11 through the bus 14 to output data that is beforehand stored therein.
  • the ROM 20 includes a storage section 22 and an access controller 21 .
  • the storage section 22 stores data.
  • the storage section 22 stores key data KEY and authentication database DB beforehand.
  • the key data KEY and the authentication database DB are read when the information processor 11 executes the boot loader BL.
  • the key data KEY is used to decode the encoded operating system OS stored in the flash ROM 50 .
  • the authentication database DB is used to authenticate whether the operating system OS is authorized.
  • the key data KEY and the authentication database DB should be concealed to improve security.
  • the information processor 11 is not allowed to read the key data KEY and the authentication database DB from the storage section 22 after the key data KEY and the authentication database DB are read the predetermined number of times.
  • the information processing device 1 is not allowed to read the key data KEY and the authentication database DB from the storage section 22 after the boot period P 1 is completed.
  • the decoder 30 decodes encoded data.
  • the decoder 30 is coupled to the bus 14 , and is controlled by the information processor 11 through the bus 14 to output decoded data.
  • the decoder 30 includes a decoding processor 32 , a key data storage section 33 , and a controller 31 .
  • the decoding processor 32 performs a decoding process. More specifically, the decoding processor 32 may decode, for example, the encoded operating system OS with use of the key data KEY, as described later. It is to be noted that the decoding processor 32 decodes not only the operating system OS but also other various encoded programs and data with use of various key data.
  • the key data storage section 33 may be configured using, for example, a RAM (Random Access Memory) or a flip-flop, and stores key data that is to be used by the decoding processor 32 in a decoding process. The key data is written to the key data storage section 33 when the information processor 11 executes the boot loader BL.
  • the RAM 40 is a readable and writable storage device.
  • the RAM 40 is coupled to the bus 14 , and is controlled by the information processor 11 through the bus 14 to store data. In other words, the RAM 40 functions as a so-called working memory of the information processor 11 .
  • the RAM 40 includes a storage section 42 and an access controller 41 .
  • the storage section 42 stores data.
  • the data stored in the storage section 42 includes data that should be concealed.
  • the storage section 42 may be partitioned into, for example, a plurality of storage regions, and access conditions may be set for each of the storage regions on the basis of access condition data DA (to be described later).
  • the access controller 41 controls access to the storage section 42 .
  • the access controller 41 has the access condition data DA.
  • the access condition data DA may include, for example, access conditions such as writing-reading accessibility by the boot loader BL and writing-reading accessibility by the operating system OS.
  • the access condition data DA is set when the information processor 11 executes the boot loader BL. This may make it possible for the information processor 11 to set, for example, a storage region that is accessible when the boot loader BL is executed and a storage region that is accessible when the operating system OS is executed.
  • the access controller 41 disables further setting of the access condition data DA. Accordingly, the information processor 11 is not allowed to set the access condition data DA after the access condition data DA is set the predetermined number of times. In other words, the information processing device 1 is not allowed to change the access condition data DA after the boot period P 1 is completed.
  • the interface 12 is an interface that exchanges data with a device external to the information processing chip 10 .
  • the interface 12 is coupled to the bus 14 , and, for example, the information processor 11 may read a program (such as the boot loader BL, the operating system OS, and the application software AP) from the flash ROM 50 through the bus 14 and the interface 12 , and may control some other external device (not illustrated) through the bus 14 and the interface 12 .
  • the network interface 13 may be an interface that exchanges data with, for example, servers (not illustrated) on a network.
  • the network interface 13 is coupled to the bus 14 , and, for example, the information processor 11 may perform communication with, for example, the servers through the bus 14 and the network interface 13 to allow for downloading of, for example, various data.
  • the ROM 20 corresponds to a specific example of a “first storage section” in the present disclosure
  • the RAM 40 corresponds to a specific example of a “second storage section” in the present disclosure
  • the decoder 30 corresponds to a specific example of an “operation section” in the present disclosure.
  • the flash ROM 50 stores a program (such as the boot loader BL, the operating system OS, and the application software AP).
  • the information processor 11 executes a program to process information.
  • the storage section 22 of the ROM 20 stores the key data KEY and the authentication database DB.
  • the access controller 21 of the ROM 20 controls access to the key data KEY and the authentication database DB in the storage section 22 .
  • the decoding processor 32 of the decoder 30 performs a decoding process.
  • the key data storage section 33 of the decoder 30 stores key data that is to be used by the decoding processor 32 in the decoding process.
  • the controller 31 of the decoder 30 controls the decoding processor 32 and the key data storage section 33 .
  • the storage section 42 of the RAM 40 stores data.
  • the access controller 41 of the RAM 40 controls access to the storage section 42 with use of the access condition data DA.
  • the interface 12 exchanges data with a device external to the information processing chip 10 .
  • the network interface 13 exchanges data with, for example, servers on a network.
  • FIG. 3 illustrates a flow chart of an operation of the access controller 21 of the ROM 20 .
  • the access controller 21 of the ROM 20 disables further reading. This operation is described in detail below.
  • the access controller 21 reads the key data KEY and the authentication database DB from the storage section 22 in response to a request from the information processor 11 (step S 1 ).
  • the access controller 21 determines whether the key data KEY and the authentication database DB have been read the predetermined number of times (step S 2 ). In a case in which the key data KEY and the authentication database DB have not been read the predetermined number of times (“N” in the step S 2 ), the operation of the access controller 21 returns to the step S 1 .
  • the access controller 21 disables reading of the key data KEY and the authentication database DB from the storage section 22 (step S 3).
  • FIG. 4 illustrates a flow chart of an operation of the controller 31 of the decoder 30 . After key data is written to the key data storage section 33 a predetermined number of times, the controller 31 of the decoder 30 disables further writing. This operation is described in detail below.
  • the controller 31 writes key data to the key data storage section 33 in response to a request from the information processor 11 to cause the decoding processor 32 to perform a decoding process with use of the key data (step S 11 ).
  • the controller 31 determines whether the key data has been written the predetermined number of times (step S 12 ). In a case in which the key data has not been written the predetermined number of times (“N” in the step S 12 ), the operation of the controller 31 returns to the step S 11 .
  • In the step S 12, in a case in which the key data has been written the predetermined number of times (“Y” in the step S 12), the controller 31 disables writing of the key data (step S 13).
  • FIG. 5 illustrates a flow chart of an operation of the access controller 41 of the RAM 40 .
  • After the access controller 41 of the RAM 40 sets the access condition data DA a predetermined number of times, the access controller 41 disables further setting of the access condition data DA. This operation is described in detail below.
  • the access controller 41 sets the access condition data DA in response to a request from the information processor 11 to perform writing of data to the storage section 42 and reading of data from the storage section 42 with use of the access condition data DA (step S 21 ).
  • the access controller 41 determines whether the access condition data DA has been set the predetermined number of times (step S 22 ). In a case in which the access condition data DA has not been set the predetermined number of times (“N” in the step S 22 ), the operation by the access controller 41 is returned to the step S 21 .
  • In the step S 22, in a case in which the access condition data DA has been set the predetermined number of times (“Y” in the step S 22), the access controller 41 disables setting of the access condition data DA (step S 23).
  • FIG. 6 illustrates a flow chart of an operation example of the information processing device 1 .
  • the information processing device 1 first activates the boot loader BL, and then decodes the encoded operating system OS, and authenticates the decoded operating system OS. Thereafter, the information processing device 1 activates the operating system OS. This operation is described in detail below.
  • the information processor 11 activates the boot loader BL to set the access condition data DA of the RAM 40 (step S 31 ). More specifically, first, the information processor 11 reads data of the boot loader BL from the flash ROM 50 , and activates the boot loader BL. Subsequently, the information processor 11 sets the access condition data DA of the RAM 40 to set a storage region that is accessible when the boot loader BL is executed. Thereafter, the information processor 11 performs information processing with use of the set storage region as a working memory.
  • the information processor 11 writes the key data KEY to the key data storage section 33 of the decoder 30 (step S 32 ). More specifically, the information processor 11 reads the key data KEY from the ROM 20 , and writes the key data KEY to the key data storage section 33 of the decoder 30 .
  • the controller 31 of the decoder 30 disables writing of the key data to the key data storage section 33 (step S 33 ).
  • the controller 31 disables further writing of the key data.
  • the decoder 30 decodes the operating system OS with use of the key data KEY (step S 34 ). More specifically, first, the information processor 11 reads data of the encoded operating system OS from the flash ROM 50 . Thereafter, the decoder 30 decodes the operating system OS with use of the key data KEY stored in the key data storage section 33 .
  • the information processor 11 authenticates the operating system OS with use of the authentication database DB (step S 35 ). More specifically, the information processor 11 reads the authentication database DB from the ROM 20 , and performs an authentication process on the operating system OS decoded in the step S 34 .
  • the access controller 21 of the ROM 20 disables reading of the key data KEY and the authentication database DB from the storage section 22 (step S 36 ).
  • the information processor 11 has read the key data KEY and the authentication database DB the predetermined number of times.
  • the access controller 21 disables further reading of the key data KEY and the authentication database DB.
  • the information processor 11 sets the access condition data DA of the RAM 40 (step S 37 ). More specifically, the information processor 11 sets the access condition data DA to set a storage region that is accessible when the operating system OS is next executed. Thereafter, the information processor 11 performs information processing with use of the set storage region as a working memory.
  • the access controller 41 of the RAM 40 disables setting of the access condition data DA (step S 38 ).
  • the information processor 11 has set the access condition data DA the predetermined number of times.
  • the access controller 41 disables further setting of the access condition data DA.
  • the information processor 11 activates the operating system OS (step S 39 ). More specifically, the information processor 11 activates the operating system OS on the basis of decoded and authenticated data of the operating system OS.
  • the ROM 20 , the decoder 30 , and the RAM 40 restrict their operations after a predetermined event occurs in the boot period P 1 . More specifically, after the key data KEY and the authentication database DB are read the predetermined number of times, the access controller 21 of the ROM 20 disables further reading. After the key data is written to the key data storage section 33 the predetermined number of times, the controller 31 of the decoder 30 disables further writing. After the access condition data DA is set the predetermined number of times, the access controller 41 of the RAM 40 disables further setting of access condition data DA.
  • the information processor 11 performs, only in the boot period P 1 , reading of the key data KEY and the authentication database DB from the ROM 20 , writing of the key data in the decoder 30 , and setting of the access condition data DA in the RAM 40 . Accordingly, in the information processing device 1 , the operating system OS does not use secret information (such as the key data KEY and the authentication database DB). This makes it possible to reduce a risk of passing the secret information to a third party and to enhance security, even if the operating system OS has a security hole.
  • the ROM, the decoder, and the RAM restrict their operations after the predetermined event occurs, which makes it possible to enhance security.
  • the ROM 20 disables further reading after the key data KEY and the authentication database DB are read the predetermined number of times; however, the embodiment is not limited thereto.
  • the information processor 11 may instruct the ROM 20 to disable reading of the key data KEY and the authentication database DB, and the access controller 21 of the ROM 20 may disable further reading of the key data KEY and the authentication database DB on the basis of such an instruction, as illustrated in FIG. 7 .
  • the decoder 30 disables further writing after the key data storage section 33 writes the key data the predetermined number of times; however, the embodiment is not limited thereto.
  • the information processor 11 may instruct the decoder 30 to disable writing of the key data, and the controller 31 of the decoder 30 may disable further writing of the key data on the basis of such an instruction, as illustrated in FIG. 8 .
  • the RAM 40 disables further setting of the access condition data DA after the access condition data DA is set the predetermined number of times; however, the embodiment is not limited thereto.
  • the information processor 11 may instruct the RAM 40 to disable setting of the access condition data DA, and the access controller 41 of the RAM 40 may disable further setting of the access condition data DA on the basis of such an instruction, as illustrated in FIG. 9 .
  • the ROM 20 stores data (the key data KEY and the authentication database DB) that is to be used for activation of the operating system OS; however, the embodiment is not limited thereto, and the ROM 20 may store various data. More specifically, the ROM 20 may store, for example, identification information specific to a device, key data of data that is to be exchanged through a network, and authentication information for connection with servers in a network.
  • the controller 31 of the decoder 30 disables writing after the key data is written to the key data storage section 33 once; however, the embodiment is not limited thereto.
  • the controller 31 may disable writing after the key data is written a plurality of times.
  • the storage section 22 may store a plurality of pieces of key data, and may change key data of the key data storage section 33 , thereby allowing for decoding of a plurality of programs and a plurality of pieces of data.
  • the access controller 21 of the ROM 20 disables reading after the key data KEY and the authentication database DB are read once; however, the embodiment is not limited thereto.
  • the access controller 21 may disable reading after the key data KEY and the authentication database DB are read a plurality of times.
  • the access controller 41 of the RAM 40 disables setting after the access condition data DA is set twice; however, the embodiment is not limited thereto.
  • the access controller 41 may disable setting after the access condition data DA is set once or three or more times.
  • the decoder 30 that performs a decoding process is provided; however, the embodiment is not limited thereto.
  • an encoder-decoder that performs an encoding process and a decoding process may be provided.
  • FIG. 10 illustrates an appearance of a smartphone to which any of the information processing devices of the foregoing embodiment and examples is applied.
  • the smartphone may include, for example, a main body section 310 and a display section 320 . Any of the foregoing information processing devices is mounted in the smartphone 300 . It is to be noted that any of the foregoing information processing devices may be applied to a main processor that performs an operation of the entire smartphone 300 , or a processor that operates in a particular use such as a GPU (Graphics Processing Unit).
  • the information processing devices of the foregoing embodiment and examples are applicable to not only such a smartphone, but also electronic apparatuses in every field that uses secret information, such as an electronic book, a PDA, a HDD player, a HDD recorder, players and recorders of various kinds of disks, a content delivery system, and a game machine.
  • the flash ROM 50 is disposed, for example, but not limited to, outside the information processing chip 10 .
  • the flash ROM 50 may be integrated into, for example, the information processing chip 10 .
  • the present technology may have the following configurations.
  • An information processing device including:
  • a first storage section for reading only that stores first data beforehand, and restricts reading of the first data after a first event
  • an operation section that performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used;
  • a second storage section being readable and writeable and including a plurality of storage regions for each of which access conditions are set, the second storage section that restricts change of the access conditions after a third event;
  • an information processor that controls the first storage section, the operation section, and the second storage section to perform information processing.
  • the information processor activates an operating system after activating a boot loader
  • the first event, the second event, and the third event each occur in a period in which the information processor executes the boot loader.
  • An information processing method including:
  • An electronic apparatus provided with an information processing device and a device controlled by the information processing device, the information processing device including:
  • a first storage section for reading only that stores first data beforehand, and restricts reading of the first data after a first event
  • an operation section that performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used;
  • a second storage section being readable and writeable and including a plurality of storage regions for each of which access conditions are set, the second storage section that restricts change of the access conditions after a third event;
  • an information processor that controls the first storage section, the operation section, and the second storage section to perform information processing.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

An information processing device of the present disclosure includes: a first storage section for reading only that stores first data beforehand, and restricts reading of the first data after a first event; an operation section that performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used; a second storage section being readable and writeable and including a plurality of storage regions for each of which access conditions are set, the second storage section that restricts change of the access conditions after a third event; and an information processor that controls the first storage section, the operation section, and the second storage section to perform information processing.

Description

CROSS REFERENCE TO RELATED APPLICATIONS
This application is a U.S. National Phase of International Patent Application No. PCT/JP2015/062936 filed on Apr. 30, 2015, which claims priority benefit of Japanese Patent Application No. JP 2014-102329 filed in the Japan Patent Office on May 16, 2014. Each of the above-referenced applications is hereby incorporated herein by reference in its entirety.
TECHNICAL FIELD
The present disclosure relates to an information processing device that processes information including secret information, an information processing method, and an electronic apparatus including such an information processing device.
BACKGROUND ART
Electronic apparatuses often store secret information such as identification information specific to the apparatuses and key data. The electronic apparatuses each perform various kinds of processing with use of the secret information. In such electronic apparatuses, it is desirable to protect the secret information and enhance security.
Various technologies for enhancing security have been proposed. For example, Patent Literature 1 discloses an encoder that is configured to prevent an encryption key from being outputted into a data bus, thereby improving security. Moreover, for example, Patent Literature 2 discloses a storage device that prevents unauthorized rewriting and erasure of information in a memory cell. Further, for example, Patent Literature 3 discloses an EEPROM (Electrically Erasable Programmable Read-Only Memory) that is configured to restrict data writing by hardware, thereby improving security. Furthermore, for example, Patent Literature 4 discloses a PROM (Programmable Read-Only Memory) that restricts writing to the PROM by a jumper, thereby improving security.
CITATION LIST
Patent Literature
Patent Literature 1: Japanese Unexamined Patent Application Publication No. 2002-149493
Patent Literature 2: Japanese Unexamined Patent Application Publication No. 2001-283594
Patent Literature 3: Japanese Unexamined Patent Application Publication No. H5-266681
Patent Literature 4: Japanese Unexamined Patent Application Publication No. H5-250267
SUMMARY
As described above, in the electronic apparatuses, high security is often desired, and further improvement of security is expected.
It is therefore desirable to provide an information processing device, an information processing method, and an electronic apparatus each of which allows for enhancement of security.
An information processing device according to an embodiment of the present disclosure includes a first storage section, an operation section, a second storage section, and an information processor. The first storage section is for reading only, and stores first data beforehand, and restricts reading of the first data after a first event. The operation section performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used. The second storage section is readable and writeable, and includes a plurality of storage regions for each of which access conditions are set. The second storage section restricts change of the access conditions after a third event. The information processor controls the first storage section, the operation section, and the second storage section to perform information processing.
An information processing method according to an embodiment of the present disclosure includes: restricting reading of first data by a first storage section for reading only after a first event; restricting, by an operation section after a second event, change of key data to be used, the operation section that performs one or both of encoding and decoding with use of the key data; and restricting change of access conditions by a second storage section after a third event, the second storage section being readable and writable, and the access conditions being set for each of a plurality of storage regions.
An electronic apparatus according to an embodiment of the present disclosure includes the foregoing information processing device, and may correspond to, for example, but not limited to, a smartphone, an electronic book, a PDA (Personal Digital Assistant), a HDD (Hard Disk Drive) player, a HDD recorder, players and recorders of various kinds of disks, a content delivery system, and a game machine.
In the information processing device, the information processing method, and the electronic apparatus according to the embodiments of the present disclosure, the first storage section stores the first data beforehand, the operation section performs one or both of encoding and decoding with use of the key data, and reading and writing of data are performed on the second storage section. At this occasion, in the first storage section, reading of the first data is restricted after the first event, and in the operation section, change of the key data to be used is restricted after the second event. Further, in the second storage section, change of the access conditions is restricted.
According to the information processing device, the information processing method, and the electronic apparatus of the embodiments of the present disclosure, in the first storage section, reading of the first data is restricted after the first event; in the operation section, change of the key data to be used is restricted after the second event; and in the second storage section, change of the access conditions is restricted. This makes it possible to enhance security. Note that effects described here are non-limiting. Effects achieved by the technology may be one or more of effects described in the present disclosure.
BRIEF DESCRIPTION OF DRAWINGS
FIG. 1 is a block diagram illustrating a configuration example of an information processing device according to an embodiment of the present disclosure.
FIG. 2 is a timing chart illustrating an operation example of the information processing device illustrated in FIG. 1.
FIG. 3 is a flow chart illustrating an operation example of a ROM illustrated in FIG. 1.
FIG. 4 is a flow chart illustrating an operation example of a decoder illustrated in FIG. 1.
FIG. 5 is a flow chart illustrating an operation example of a RAM illustrated in FIG. 1.
FIG. 6 is a flow chart illustrating an operation example of the information processing device illustrated in FIG. 1.
FIG. 7 is a flow chart illustrating an operation example of a ROM according to a modification example.
FIG. 8 is a flow chart illustrating an operation example of a decoder according to a modification example.
FIG. 9 is a flow chart illustrating an operation example of a RAM according to a modification example.
FIG. 10 is a perspective view of an appearance configuration of a smartphone to which the information processing device according to the embodiment is applied.
EMBODIMENTS FOR CARRYING OUT THE INVENTION
In the following, some embodiments of the present disclosure are described in detail with reference to the drawings. It is to be noted that description is given in the following order.
1. Embodiment
2. Application Examples
1. EMBODIMENT
[Configuration Example]
FIG. 1 illustrates a configuration example of an information processing device according to an embodiment. It is to be noted that an information processing method and an electronic apparatus according to embodiments of the present disclosure may be embodied by the present embodiment, and description thereof is therefore given together. The information processing device 1 includes a flash ROM (Read-Only Memory) 50 and an information processing chip 10.
The flash ROM 50 stores a program that is executed by the information processing device 1. More specifically, the flash ROM 50 stores a boot loader BL, an operating system OS, and application software AP. The boot loader BL is a program that is first executed after the information processing device 1 is powered up, and activates the operating system OS after creating an execution environment of the operating system OS. The operating system OS is so-called basic software, and controls operations of respective blocks of the information processing device 1. In this example, the operating system OS is encoded and stored in the flash ROM 50. In other words, in this example, the operating system OS is encoded to reduce a risk of changing data of the operating system OS by a malicious third party. The application software AP operates together with the operating system OS to attain a specific function.
FIG. 2 schematically illustrates an operation example of the information processing device 1. After the information processing device 1 is powered up, first, the information processing device 1 reads the boot loader BL from the flash ROM 50, and executes the boot loader BL in a boot period P1. Subsequently, the information processing device 1 reads the encoded operating system OS from the flash ROM 50, and decodes the operating system OS, and thereafter activates the operating system OS. Thereafter, the information processing device 1 reads the application software AP from the flash ROM 50 in response to an instruction from a user, and activates the application software AP.
The information processing chip 10 includes an information processor 11, a ROM 20, a decoder 30, a RAM (Random Access Memory) 40, an interface 12, and a network interface 13. The information processing chip 10 may be, but is not limited to, one chip configured of these blocks. It is to be noted that the information processing chip 10 is not limited thereto. Alternatively, for example, chips each configured of a corresponding one of the blocks may be disposed on a substrate.
The information processor 11 is a so-called processor, and executes a program (such as the boot loader BL, the operating system OS, and the application software AP) to process information. The information processor 11 is coupled to a bus 14, and makes it possible to control other blocks through the bus 14.
The ROM 20 is a read-only storage device. The ROM 20 is coupled to the bus 14, and is controlled by the information processor 11 through the bus 14 to output data that is beforehand stored therein. The ROM 20 includes a storage section 22 and an access controller 21.
The storage section 22 stores data. In this example, the storage section 22 stores key data KEY and authentication database DB beforehand. The key data KEY and the authentication database DB are read when the information processor 11 executes the boot loader BL. The key data KEY is used to decode the encoded operating system OS stored in the flash ROM 50. The authentication database DB is used to authenticate whether the operating system OS is authorized. The key data KEY and the authentication database DB should be concealed to improve security.
The access controller 21 controls access to the key data KEY and the authentication database DB that are stored in the storage section 22. More specifically, in this example, after the information processor 11 activates the boot loader BL, and reads the key data KEY and the authentication database DB a predetermined number of times, the access controller 21 disables further reading. For example, in a case in which a total data amount of the key data KEY and the authentication database DB is 8 kilobits and a read access unit of the ROM 20 is 32 bits, the access controller 21 sets the number of allowable times of reading to 256 (=8 k/32). Accordingly, the information processor 11 is not allowed to read the key data KEY and the authentication database DB from the storage section 22 after the key data KEY and the authentication database DB are read the predetermined number of times. In other words, the information processing device 1 is not allowed to read the key data KEY and the authentication database DB from the storage section 22 after the boot period P1 is completed.
The decoder 30 decodes encoded data. The decoder 30 is coupled to the bus 14, and is controlled by the information processor 11 through the bus 14 to output decoded data. The decoder 30 includes a decoding processor 32, a key data storage section 33, and a controller 31.
The decoding processor 32 performs a decoding process. More specifically, the decoding processor 32 may decode, for example, the encoded operating system OS with use of the key data KEY, as described later. It is to be noted that the decoding processor 32 decodes not only the operating system OS but also other various encoded programs and data with use of various key data.
The key data storage section 33 may be configured using, for example, a RAM (Random Access Memory) or a flip-flop, and stores key data that is to be used by the decoding processor 32 in a decoding process. The key data is written to the key data storage section 33 when the information processor 11 executes the boot loader BL.
The controller 31 controls the decoding processor 32 and the key data storage section 33. At this occasion, the controller 31 controls access to the key data storage section 33. More specifically, in this example, after the information processor 11 activates the boot loader BL, and writes the key data to the key data storage section 33 a predetermined number of times, the controller 31 disables further writing. For example, in a case in which a data amount of the key data is 128 bits and a write access unit to the key data storage section 33 is 32 bits, the controller 31 sets the number of allowable times of writing to the key data storage section 33 to 4 (=128/32). Accordingly, the information processor 11 is not allowed to write the key data to the key data storage section 33 after the key data is written to the key data storage section 33 the predetermined number of times. In other words, the information processing device 1 is not allowed to change the key data in the key data storage section 33 after the boot period P1 is completed.
The RAM 40 is a readable and writable storage device. The RAM 40 is coupled to the bus 14, and is controlled by the information processor 11 through the bus 14 to store data. In other words, the RAM 40 functions as a so-called working memory of the information processor 11. The RAM 40 includes a storage section 42 and an access controller 41.
The storage section 42 stores data. The data stored in the storage section 42 includes data that should be concealed. The storage section 42 may be partitioned into, for example, a plurality of storage regions, and access conditions may be set for each of the storage regions on the basis of access condition data DA (to be described later).
The access controller 41 controls access to the storage section 42. The access controller 41 has the access condition data DA. The access condition data DA may include, for example, access conditions such as writing-reading accessibility by the boot loader BL and writing-reading accessibility by the operating system OS. The access condition data DA is set when the information processor 11 executes the boot loader BL. This may make it possible for the information processor 11 to set, for example, a storage region that is accessible when the boot loader BL is executed and a storage region that is accessible when the operating system OS is executed.
At this occasion, in this example, after the information processor 11 activates the boot loader BL, and sets the access condition data DA a predetermined number of times, the access controller 41 disables further setting of the access condition data DA. Accordingly, the information processor 11 is not allowed to set the access condition data DA after the access condition data DA is set the predetermined number of times. In other words, the information processing device 1 is not allowed to change the access condition data DA after the boot period P1 is completed.
The interface 12 is an interface that exchanges data with a device external to the information processing chip 10. The interface 12 is coupled to the bus 14, and, for example, the information processor 11 may read a program (such as the boot loader BL, the operating system OS, and the application software AP) from the flash ROM 50 through the bus 14 and the interface 12, and may control some other external device (not illustrated) through the bus 14 and the interface 12.
The network interface 13 may be an interface that exchanges data with, for example, servers (not illustrated) on a network. The network interface 13 is coupled to the bus 14, and, for example, the information processor 11 may perform communication with, for example, the servers through the bus 14 and the network interface 13 to allow for downloading of, for example, various data.
Here, the ROM 20 corresponds to a specific example of a “first storage section” in the present disclosure, and the RAM 40 corresponds to a specific example of a “second storage section” in the present disclosure. The decoder 30 corresponds to a specific example of an “operation section” in the present disclosure.
[Operation and Workings]
In the following, description is given of an operation and workings of the information processing device 1 according to the present embodiment.
(Summary of Entire Operation)
First, description is given of a summary of an entire operation of the information processing device 1 with reference to FIG. 1. The flash ROM 50 stores a program (such as the boot loader BL, the operating system OS, and the application software AP). The information processor 11 executes a program to process information. The storage section 22 of the ROM 20 stores the key data KEY and the authentication database DB. The access controller 21 of the ROM 20 controls access to the key data KEY and the authentication database DB in the storage section 22. The decoding processor 32 of the decoder 30 performs a decoding process. The key data storage section 33 of the decoder 30 stores key data that is to be used by the decoding processor 32 in the decoding process. The controller 31 of the decoder 30 controls the decoding processor 32 and the key data storage section 33. The storage section 42 of the RAM 40 stores data. The access controller 41 of the RAM 40 controls access to the storage section 42 with use of the access condition data DA. The interface 12 exchanges data with a device external to the information processing chip 10. The network interface 13 exchanges data with, for example, servers on a network.
(Operations of ROM 20, Decoder 30, and RAM 40)
Operations of the ROM 20, the decoder 30, and the RAM 40 are restricted after a predetermined event occurs in the boot period P1. Details are given below.
FIG. 3 illustrates a flow chart of an operation of the access controller 21 of the ROM 20. After the key data KEY and the authentication database DB are read a predetermined number of times, the access controller 21 of the ROM 20 disables further reading. This operation is described in detail below.
First, the access controller 21 reads the key data KEY and the authentication database DB from the storage section 22 in response to a request from the information processor 11 (step S1).
Subsequently, the access controller 21 determines whether the key data KEY and the authentication database DB have been read the predetermined number of times (step S2). In a case in which the key data KEY and the authentication database DB have not been read the predetermined number of times (“N” in the step S2), the operation of the access controller 21 returns to the step S1.
In the step S2, in a case in which the key data KEY and the authentication database DB have been read the predetermined number of times (“Y” in the step S2), the access controller 21 disables reading of the key data KEY and the authentication database DB from the storage section 22 (step S3).
Thus, this flow is completed.
FIG. 4 illustrates a flow chart of an operation of the controller 31 of the decoder 30. After key data is written to the key data storage section 33 a predetermined number of times, the controller 31 of the decoder 30 disables further writing. This operation is described in detail below.
First, the controller 31 writes key data to the key data storage section 33 in response to a request from the information processor 11 to cause the decoding processor 32 to perform a decoding process with use of the key data (step S11).
Subsequently, the controller 31 determines whether the key data has been written the predetermined number of times (step S12). In a case in which the key data has not been written the predetermined number of times (“N” in the step S12), the operation of the controller 31 returns to the step S11.
In the step S12, in a case in which the key data has been written the predetermined number of times (“Y” in the step S12), the controller 31 disables writing of the key data (step S13).
Thus, this flow is completed.
FIG. 5 illustrates a flow chart of an operation of the access controller 41 of the RAM 40. After the access controller 41 of the RAM 40 sets the access condition data DA a predetermined number of times, the access controller 41 disables further setting of the access condition data DA. This operation is described in detail below.
First, the access controller 41 sets the access condition data DA in response to a request from the information processor 11 to perform writing of data to the storage section 42 and reading of data from the storage section 42 with use of the access condition data DA (step S21).
Subsequently, the access controller 41 determines whether the access condition data DA has been set the predetermined number of times (step S22). In a case in which the access condition data DA has not been set the predetermined number of times (“N” in the step S22), the operation by the access controller 41 is returned to the step S21.
In the step S22, in a case in which the access condition data DA has been set the predetermined number of times (“Y” in the step S22), the access controller 41 disables setting of the access condition data DA (step S23).
Thus, this flow is completed.
(Operation of Information Processing Device 1)
FIG. 6 illustrates a flow chart of an operation example of the information processing device 1. The information processing device 1 first activates the boot loader BL, and then decodes the encoded operating system OS, and authenticates the decoded operating system OS. Thereafter, the information processing device 1 activates the operating system OS. This operation is described in detail below.
First, the information processor 11 activates the boot loader BL to set the access condition data DA of the RAM 40 (step S31). More specifically, first, the information processor 11 reads data of the boot loader BL from the flash ROM 50, and activates the boot loader BL. Subsequently, the information processor 11 sets the access condition data DA of the RAM 40 to set a storage region that is accessible when the boot loader BL is executed. Thereafter, the information processor 11 performs information processing with use of the set storage region as a working memory.
Subsequently, the information processor 11 writes the key data KEY to the key data storage section 33 of the decoder 30 (step S32). More specifically, the information processor 11 reads the key data KEY from the ROM 20, and writes the key data KEY to the key data storage section 33 of the decoder 30.
Subsequently, the controller 31 of the decoder 30 disables writing of the key data to the key data storage section 33 (step S33). In other words, in the step S32, the information processor 11 has written the key data to the key data storage section 33 the predetermined number of times. Hence, the controller 31 disables further writing of the key data.
Subsequently, the decoder 30 decodes the operating system OS with use of the key data KEY (step S34). More specifically, first, the information processor 11 reads data of the encoded operating system OS from the flash ROM 50. Thereafter, the decoder 30 decodes the operating system OS with use of the key data KEY stored in the key data storage section 33.
Subsequently, the information processor 11 authenticates the operating system OS with use of the authentication database DB (step S35). More specifically, the information processor 11 reads the authentication database DB from the ROM 20, and performs an authentication process on the operating system OS decoded in the step S34.
Subsequently, the access controller 21 of the ROM 20 disables reading of the key data KEY and the authentication database DB from the storage section 22 (step S36). In other words, in the steps S32 and S35, the information processor 11 has read the key data KEY and the authentication database DB the predetermined number of times. Hence, the access controller 21 disables further reading of the key data KEY and the authentication database DB.
Subsequently, the information processor 11 sets the access condition data DA of the RAM 40 (step S37). More specifically, the information processor 11 sets the access condition data DA to set a storage region that is accessible when the operating system OS is next executed. Thereafter, the information processor 11 performs information processing with use of the set storage region as a working memory.
Subsequently, the access controller 41 of the RAM 40 disables setting of the access condition data DA (step S38). In other words, in the steps S31 and S37, the information processor 11 has set the access condition data DA the predetermined number of times. Hence, the access controller 41 disables further setting of the access condition data DA.
Subsequently, the information processor 11 activates the operating system OS (step S39). More specifically, the information processor 11 activates the operating system OS on the basis of decoded and authenticated data of the operating system OS.
As described above, in the information processing device 1, the ROM 20, the decoder 30, and the RAM 40 restrict their operations after a predetermined event occurs in the boot period P1. More specifically, after the key data KEY and the authentication database DB are read the predetermined number of times, the access controller 21 of the ROM 20 disables further reading. After the key data is written to the key data storage section 33 the predetermined number of times, the controller 31 of the decoder 30 disables further writing. After the access condition data DA is set the predetermined number of times, the access controller 41 of the RAM 40 disables further setting of access condition data DA. Moreover, in particular, in the information processing device 1, the information processor 11 performs, only in the boot period P1, reading of the key data KEY and the authentication database DB from the ROM 20, writing of the key data in the decoder 30, and setting of the access condition data DA in the RAM 40. Accordingly, in the information processing device 1, the operating system OS does not use secret information (such as the key data KEY and the authentication database DB). This makes it possible to reduce a risk of passing the secret information to a third party and to enhance security, even if the operating system OS has a security hole.
In particular, the total code size of operating systems tends to grow every year. Accordingly, in terms of workload and work hours, it has become difficult to verify that an operating system has no security hole. In the information processing device 1, the secret information is handled not by the operating system OS but by the boot loader BL. The total code size of a typical boot loader is far smaller than that of a typical operating system, and it is therefore easy to check the boot loader for security holes. Accordingly, it is possible for the information processing device 1 to achieve a system having higher security.
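The following C model is an added example, not part of the patent text: it drives the three count-based locks (access controller 21, controller 31, access controller 41) through steps S31 to S39 and then repeats the same requests after the boot period P1. The XOR decode, the checksum used for authentication, the ROM layout, the mode flags passed to the RAM model, and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Counts from the description: 8 kilobits of KEY + DB in 32-bit reads = 256;
   a 128-bit key in 32-bit writes = 4; DA is set twice (steps S31 and S37). */
enum { ROM_WORDS = 8192 / 32, KEY_WORDS = 128 / 32, DA_SETS = 2,
       REGIONS = 2, OS_WORDS = 8 };
enum { OK = 0, LOCKED = -1, DENIED = -2, AUTH_FAIL = -3 };
enum { MODE_BL = 1, MODE_OS = 2 };   /* who is executing; bit flags in DA */
struct rom20     { uint32_t word[ROM_WORDS]; unsigned reads;  };
struct decoder30 { uint32_t key[KEY_WORDS];  unsigned writes; };
struct ram40     { uint8_t  da[REGIONS];     unsigned sets;   };
struct device    { struct rom20 rom; struct decoder30 dec; struct ram40 ram; };

/* Access controller 21: reads are counted; at the limit reading is disabled. */
static int rom_read(struct rom20 *r, unsigned idx, uint32_t *out) {
    if (r->reads >= ROM_WORDS) return LOCKED;
    if (idx >= ROM_WORDS) return DENIED;
    r->reads++;
    *out = r->word[idx];
    return OK;
}

/* Controller 31: the key register accepts KEY_WORDS writes, then latches. */
static int dec_write_key(struct decoder30 *d, unsigned idx, uint32_t w) {
    if (d->writes >= KEY_WORDS) return LOCKED;
    if (idx >= KEY_WORDS) return DENIED;
    d->writes++;
    d->key[idx] = w;
    return OK;
}

/* Decoding processor 32. XOR is a stand-in; the patent names no cipher. */
static void dec_decode(const struct decoder30 *d, const uint32_t *in,
                       uint32_t *out, unsigned n) {
    for (unsigned i = 0; i < n; i++) out[i] = in[i] ^ d->key[i % KEY_WORDS];
}

/* Access controller 41: DA may be set DA_SETS times, then is frozen. */
static int ram_set_da(struct ram40 *m, const uint8_t da[REGIONS]) {
    if (m->sets >= DA_SETS) return LOCKED;
    m->sets++;
    memcpy(m->da, da, REGIONS);
    return OK;
}
static int ram_access(const struct ram40 *m, unsigned region, uint8_t mode) {
    return (region < REGIONS && (m->da[region] & mode)) ? OK : DENIED;
}

/* Stand-in for the authentication process: a simple rolling checksum. */
static uint32_t digest(const uint32_t *p, unsigned n) {
    uint32_t s = 0;
    for (unsigned i = 0; i < n; i++) s = s * 31u + p[i];
    return s;
}

/* Constructed sample data: ROM words 0..3 hold KEY, word 4 holds the expected
   OS digest (the rest of DB is zero). enc_os stands for the flash ROM 50 image. */
static void provision(struct device *d, uint32_t enc_os[OS_WORDS]) {
    uint32_t plain[OS_WORDS];
    memset(d, 0, sizeof *d);
    for (unsigned i = 0; i < KEY_WORDS; i++) d->rom.word[i] = 0xA5A50000u + i;
    for (unsigned i = 0; i < OS_WORDS; i++) plain[i] = 0x1000u + i;
    d->rom.word[KEY_WORDS] = digest(plain, OS_WORDS);
    for (unsigned i = 0; i < OS_WORDS; i++)
        enc_os[i] = plain[i] ^ d->rom.word[i % KEY_WORDS];
}

/* Boot period P1: steps S31 to S39 of FIG. 6. */
static int boot(struct device *d, const uint32_t *enc_os, uint32_t *os) {
    const uint8_t da_bl[REGIONS] = { MODE_BL, 0 };       /* region 0: boot loader */
    const uint8_t da_os[REGIONS] = { MODE_BL, MODE_OS }; /* region 1: OS */
    uint32_t w = 0, expect = 0;
    ram_set_da(&d->ram, da_bl);                          /* S31 */
    for (unsigned i = 0; i < KEY_WORDS; i++) {           /* S32; 4th write is S33 */
        rom_read(&d->rom, i, &w);
        dec_write_key(&d->dec, i, w);
    }
    dec_decode(&d->dec, enc_os, os, OS_WORDS);           /* S34 */
    for (unsigned i = KEY_WORDS; i < ROM_WORDS; i++) {   /* S35; 256th read is S36 */
        rom_read(&d->rom, i, &w);
        if (i == KEY_WORDS) expect = w;
    }
    if (digest(os, OS_WORDS) != expect) return AUTH_FAIL;
    ram_set_da(&d->ram, da_os);                          /* S37; 2nd set is S38 */
    return OK;                                           /* S39: activate the OS */
}

int main(void) {
    struct device d; uint32_t enc[OS_WORDS], os[OS_WORDS], w = 0;
    const uint8_t open_all[REGIONS] = { MODE_BL | MODE_OS, MODE_BL | MODE_OS };
    provision(&d, enc);
    printf("boot=%d\n", boot(&d, enc, os));
    /* The same requests repeated after P1, e.g. by the OS: all three are LOCKED. */
    printf("rom_read=%d key_write=%d set_da=%d\n", rom_read(&d.rom, 0, &w),
           dec_write_key(&d.dec, 0, 0), ram_set_da(&d.ram, open_all));
    return 0;
}
```

Because each lock is driven by a counter, the model only reaches all three locked states if the boot loader performs exactly the expected number of accesses; the instruction-driven variants of Modification Examples 1 to 3 remove that dependency.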
[Effects]
As described above, in the present embodiment, the ROM, the decoder, and the RAM restrict their operations after the predetermined event occurs, which makes it possible to enhance security.
MODIFICATION EXAMPLE 1
In the foregoing embodiment, the ROM 20 disables further reading after the key data KEY and the authentication database DB are read the predetermined number of times; however, the embodiment is not limited thereto. Alternatively, for example, the information processor 11 may instruct the ROM 20 to disable reading of the key data KEY and the authentication database DB, and the access controller 21 of the ROM 20 may disable further reading of the key data KEY and the authentication database DB on the basis of such an instruction, as illustrated in FIG. 7.
MODIFICATION EXAMPLE 2
In the foregoing embodiment, the decoder 30 disables further writing after the key data is written to the key data storage section 33 the predetermined number of times; however, the embodiment is not limited thereto. Alternatively, for example, the information processor 11 may instruct the decoder 30 to disable writing of the key data, and the controller 31 of the decoder 30 may disable further writing of the key data on the basis of such an instruction, as illustrated in FIG. 8.
MODIFICATION EXAMPLE 3
In the foregoing embodiment, the RAM 40 disables further setting of the access condition data DA after the access condition data DA is set the predetermined number of times; however, the embodiment is not limited thereto. Alternatively, for example, the information processor 11 may instruct the RAM 40 to disable setting of the access condition data DA, and the access controller 41 of the RAM 40 may disable further setting of the access condition data DA on the basis of such an instruction, as illustrated in FIG. 9.
MODIFICATION EXAMPLE 4
In the foregoing embodiment, the ROM 20 stores data (the key data KEY and the authentication database DB) that is to be used for activation of the operating system OS; however, the embodiment is not limited thereto, and the ROM 20 may store various data. More specifically, the ROM 20 may store, for example, identification information specific to a device, key data of data that is to be exchanged through a network, and authentication information for connection with servers in a network.
MODIFICATION EXAMPLE 5
In the foregoing embodiment, the controller 31 of the decoder 30 disables writing after the key data is written to the key data storage section 33 once; however, the embodiment is not limited thereto. The controller 31 may disable writing after the key data is written a plurality of times. In this case, for example, the storage section 22 may store a plurality of pieces of key data, and may change key data of the key data storage section 33, thereby allowing for decoding of a plurality of programs and a plurality of pieces of data.
Likewise, in the foregoing embodiment, the access controller 21 of the ROM 20 disables reading after the key data KEY and the authentication database DB are read once; however, the embodiment is not limited thereto. The access controller 21 may disable reading after the key data KEY and the authentication database DB are read a plurality of times. Moreover, in the foregoing embodiment, the access controller 41 of the RAM 40 disables setting after the access condition data DA is set twice; however, the embodiment is not limited thereto. The access controller 41 may disable setting after the access condition data DA is set once or three or more times.
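The lock behaviour summarized for the embodiment and varied in Modification Examples 1 to 3 and 5 can be exercised in a small software model; the following C code is an added illustration, not part of the patent or any Sony implementation. All type and function names, the boolean form of the access condition data DA, and the sample key bytes are assumptions; the limits 1, 1 and 2 are the embodiment's. It shows that a count limit set higher than the number of operations the boot loader actually performs leaves the remainder available after boot, and that the instruction-based lock closes that gap.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_LEN 16
#define REGIONS 4

/* Sticky gate: allows an operation until its count limit is reached or a lock
 * instruction arrives. Nothing unlocks it; gate_reset() models power-on. */
typedef struct { unsigned limit, count; bool locked; } gate_t;

static void gate_reset(gate_t *g, unsigned limit) { *g = (gate_t){ limit, 0, limit == 0 }; }
static void gate_lock(gate_t *g) { g->locked = true; }

static bool gate_use(gate_t *g)
{
    if (g->locked) return false;
    if (++g->count >= g->limit) g->locked = true;   /* last permitted use */
    return true;
}

typedef struct {
    uint8_t rom_key[KEY_LEN];     /* key data KEY held in ROM 20 */
    gate_t  rom_read;             /* access controller 21 */
    uint8_t key_store[KEY_LEN];   /* key data storage section 33 */
    gate_t  key_write;            /* controller 31 */
    bool    os_may_read[REGIONS]; /* access condition data DA (assumed form) */
    gate_t  da_set;               /* access controller 41 */
} device_t;

void device_power_on(device_t *d, unsigned rom_n, unsigned key_n, unsigned da_n)
{
    memset(d, 0, sizeof *d);
    for (int i = 0; i < KEY_LEN; i++)
        d->rom_key[i] = (uint8_t)(0xA0 + i);        /* constructed sample key */
    gate_reset(&d->rom_read, rom_n);
    gate_reset(&d->key_write, key_n);
    gate_reset(&d->da_set, da_n);
}

bool rom_read_key(device_t *d, uint8_t out[KEY_LEN])
{
    bool ok = gate_use(&d->rom_read);
    if (ok) memcpy(out, d->rom_key, KEY_LEN);
    else    memset(out, 0, KEY_LEN);                /* denied read yields no key bytes */
    return ok;
}

bool decoder_write_key(device_t *d, const uint8_t key[KEY_LEN])
{
    bool ok = gate_use(&d->key_write);
    if (ok) memcpy(d->key_store, key, KEY_LEN);
    return ok;
}

bool ram_set_access(device_t *d, const bool da[REGIONS])
{
    bool ok = gate_use(&d->da_set);
    if (ok) memcpy(d->os_may_read, da, sizeof d->os_may_read);
    return ok;
}

/* Boot period P1: the only code that touches KEY, the key store and DA. */
bool boot_loader(device_t *d, bool lock_by_instruction)
{
    uint8_t key[KEY_LEN];
    const bool da_boot[REGIONS]  = { true, true, true, true };
    const bool da_final[REGIONS] = { true, true, false, false }; /* 2, 3 closed to OS */
    bool ok = ram_set_access(d, da_boot) && rom_read_key(d, key)
           && decoder_write_key(d, key) && ram_set_access(d, da_final);
    if (lock_by_instruction) {                      /* Modification Examples 1 to 3 */
        gate_lock(&d->rom_read);
        gate_lock(&d->key_write);
        gate_lock(&d->da_set);
    }
    return ok;
}

/* After boot: bitmask of operations still granted (1 ROM read, 2 key write, 4 DA). */
unsigned os_attempts(device_t *d)
{
    uint8_t buf[KEY_LEN];
    const bool open_all[REGIONS] = { true, true, true, true };
    unsigned got = rom_read_key(d, buf) ? 1u : 0u;
    memset(buf, 0xFF, sizeof buf);                  /* substitute key the OS would try */
    if (decoder_write_key(d, buf)) got |= 2u;
    if (ram_set_access(d, open_all)) got |= 4u;
    return got;
}

int main(void)
{
    device_t d;
    device_power_on(&d, 2, 1, 2);                   /* ROM limit above what boot uses */
    boot_loader(&d, false);
    printf("OS mask with counted locks only: %u\n", os_attempts(&d));
    return 0;
}
```

When reviewing a design of this kind, check that each count limit equals the number of operations the boot path performs on every boot route, or that the boot loader issues the lock instruction before handing over to the operating system.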
MODIFICATION EXAMPLE 6
In the foregoing embodiment, the decoder 30 that performs a decoding process is provided; however, the embodiment is not limited thereto. Alternatively, an encoder-decoder that performs an encoding process and a decoding process may be provided.
OTHER MODIFICATION EXAMPLES
Moreover, two or more of these modification examples may be combined.
2. APPLICATION EXAMPLES
In the following, description is given of application examples of the information processing devices described in the foregoing embodiment and modification examples.
FIG. 10 illustrates an appearance of a smartphone to which any of the information processing devices of the foregoing embodiment and examples is applied. The smartphone may include, for example, a main body section 310 and a display section 320. Any of the foregoing information processing devices is mounted in the smartphone 300. It is to be noted that any of the foregoing information processing devices may be applied to a main processor that performs an operation of the entire smartphone 300, or a processor that operates in a particular use such as a GPU (Graphics Processing Unit).
The information processing devices of the foregoing embodiment and examples are applicable to not only such a smartphone, but also electronic apparatuses in every field that uses secret information, such as an electronic book, a PDA, a HDD player, a HDD recorder, players and recorders of various kinds of disks, a content delivery system, and a game machine.
Although the present technology is described referring to the embodiment, the modification examples, and application examples to electronic apparatuses, the present technology is not limited thereto, and may be variously modified.
In the foregoing embodiment and examples, the flash ROM 50 is disposed, for example, but not limited to, outside the information processing chip 10. Alternatively, the flash ROM 50 may be integrated into, for example, the information processing chip 10.
Note that the effects described in the present specification are illustrative and non-limiting. Effects achieved by the present technology may be effects other than those described above.
It is to be noted that the present technology may have the following configurations.
(1) An information processing device including:
a first storage section for reading only that stores first data beforehand, and restricts reading of the first data after a first event;
an operation section that performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used;
a second storage section being readable and writeable and including a plurality of storage regions for each of which access conditions are set, the second storage section that restricts change of the access conditions after a third event; and
an information processor that controls the first storage section, the operation section, and the second storage section to perform information processing.
(2) The information processing device according to (1), wherein
the information processor activates an operating system after activating a boot loader, and
the first event, the second event, and the third event each occur in a period in which the information processor executes the boot loader.
(3) The information processing device according to (1) or (2), wherein the first event is that the information processor has read the first data a predetermined number of times.
(4) The information processing device according to (1) or (2), wherein the first event is an instruction from the information processor.
(5) The information processing device according to any one of (1) to (4), wherein the second event is that the information processor has written the key data a predetermined number of times.
(6) The information processing device according to any one of (1) to (4), wherein the second event is an instruction from the information processor.
(7) The information processing device according to any one of (1) to (6), wherein the third event is that the information processor has set the access conditions a predetermined number of times.
(8) The information processing device according to any one of (1) to (6), wherein the third event is an instruction from the information processor.
(9) The information processing device according to any one of (1) to (8), wherein the first data is secret data.
(10) The information processing device according to any one of (1) to (9), wherein the first data includes the key data.
(11) The information processing device according to any one of (1) to (10), wherein at least one of the storage regions stores secret data.
(12) An information processing method including:
restricting reading of first data by a first storage section for reading only after a first event;
restricting, by an operation section after a second event, change of key data to be used, the operation section that performs one or both of encoding and decoding with use of the key data; and
restricting change of access conditions by a second storage section after a third event, the second storage section being readable and writable, and the access conditions being set for each of a plurality of storage regions.
(13) An electronic apparatus provided with an information processing device and a device controlled by the information processing device, the information processing device including:
a first storage section for reading only that stores first data beforehand, and restricts reading of the first data after a first event;
an operation section that performs one or both of encoding and decoding with use of key data, and restricts, after a second event, change of the key data to be used;
a second storage section being readable and writeable and including a plurality of storage regions for each of which access conditions are set, the second storage section that restricts change of the access conditions after a third event; and
an information processor that controls the first storage section, the operation section, and the second storage section to perform information processing.
This application claims the priority on the basis of Japanese Patent Application No. 2014-102329 filed on May 16, 2014 with Japan Patent Office, the entire contents of which are incorporated in this application by reference.
It should be understood by those skilled in the art that various modifications, combinations, sub-combinations, and alterations may occur depending on design requirements and other factors insofar as they are within the scope of the appended claims or the equivalents thereof.

Claims (10)

The invention claimed is:
1. An information processing device, comprising:
a first memory configured to store first data;
a key data memory;
a second memory configured to store second data, wherein the second memory includes a plurality of storage regions;
an information processor configured to:
execute a boot loader in a boot period;
read the first data from the first memory in the boot period;
write key data in the key data memory in the boot period;
set access condition data for the second memory in the boot period;
set access conditions for each of the plurality of storage regions based on the set access condition data; and
control, after occurrence of a first event, the first memory to restrict the read of the first data, wherein the first event is that the information processor has read the first data a first number of times; and
a decoding processor configured to:
decode operating system data with use of the key data; and
restrict, after occurrence of a second event, change of the key data,
wherein
the second event is that the information processor has written the key data a second number of times,
the information processor is further configured to:
read the second data from the second memory based on the set access condition data;
control, after occurrence of a third event, the second memory to restrict change of the access conditions; and
activate an operating system based on the decoded operating system data and the execution of the boot loader, and
the third event is that the information processor has set the access conditions a third number of times.
2. The information processing device according to claim 1, wherein each of the first event, the second event, and the third event occurs in the boot period.
3. The information processing device according to claim 1, wherein the first event is an instruction from the information processor.
4. The information processing device according to claim 1, wherein the second event is an instruction from the information processor.
5. The information processing device according to claim 1, wherein the third event is an instruction from the information processor.
6. The information processing device according to claim 1, wherein the first data is secret data.
7. The information processing device according to claim 1, wherein the first data includes the key data.
8. The information processing device according to claim 1, wherein at least one storage region of the plurality of storage regions is configured to store secret data.
9. An information processing method, comprising:
in an information processing device that includes a first memory, a key data memory, a second memory, an information processor, and a decoding processor, wherein the second memory includes a plurality of storage regions:
storing first data in the first memory;
storing second data in the second memory;
executing, by the information processor, a boot loader in a boot period;
reading, by the information processor, the first data from the first memory in the boot period;
writing, by the information processor, key data in the key data memory in the boot period;
setting, by the information processor, access condition data for the second memory in the boot period;
setting, by the information processor, access conditions for each of the plurality of storage regions based on the set access condition data;
controlling, by the information processor, after occurrence of a first event, the first memory to restrict the reading of the first data,
wherein the first event is that the information processor has read the first data a first number of times;
executing, by the decoding processor, decoding of operating system data with use of the key data;
restricting, by the decoding processor, change of the key data after occurrence of a second event, wherein the second event is that the information processor has written the key data a second number of times;
reading, by the information processor, the second data from the second memory based on the set access condition data;
controlling, by the information processor, after occurrence of a third event, the second memory to restrict change of the access conditions, wherein the third event is that the information processor has set the access conditions a third number of times; and
activating, by the information processor, an operating system based on the decoded operating system data and the execution of the boot loader.
10. An electronic apparatus, comprising:
an information processing device; and
a device controlled by the information processing device,
the information processing device comprising:
a first memory configured to store first data;
a key data memory;
a second memory configured to store second data, wherein the second memory includes a plurality of storage regions;
an information processor configured to:
execute a boot loader in a boot period;
read the first data from the first memory in the boot period;
write key data in the key data memory in the boot period;
set access condition data for the second memory in the boot period;
set access conditions for each of the plurality of storage regions based on the set access condition data; and
control, after occurrence of a first event, the first memory to restrict the read of the first data, wherein the first event is that the information processor has read the first data a first number of times; and
a decoding processor configured to:
decode operating system data with use of the key data; and
restrict, after occurrence of a second event, change of the key data,
wherein
the second event is that the information processor has written the key data a second number of times,
the information processor is further configured to:
read the second data from the second memory based on the set access condition data;
control, after occurrence of a third event, the second memory to restrict change of the access conditions; and
activate an operating system based on the decoded operating system data and the execution of the boot loader, and
the third event is that the information processor has set the access conditions a third number of times.
US15/309,305 2014-05-16 2015-04-30 Information processing device, information processing method, and electronic apparatus Active 2036-02-06 US10817612B2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP2014102329 2014-05-16
JP2014-102329 2014-05-16
PCT/JP2015/062936 WO2015174285A1 (en) 2014-05-16 2015-04-30 Information processing device, information processing method, and electronic device

Publications (2)

Publication Number Publication Date
US20170154186A1 US20170154186A1 (en) 2017-06-01
US10817612B2 true US10817612B2 (en) 2020-10-27

Family

ID=54479826

Family Applications (1)

Application Number Title Priority Date Filing Date
US15/309,305 Active 2036-02-06 US10817612B2 (en) 2014-05-16 2015-04-30 Information processing device, information processing method, and electronic apparatus

Country Status (4)

Country Link
US (1) US10817612B2 (en)
JP (1) JP6548636B2 (en)
CN (1) CN106462712B (en)
WO (1) WO2015174285A1 (en)

Also Published As

Publication number Publication date
JP6548636B2 (en) 2019-07-24
CN106462712B (en) 2020-02-07
CN106462712A (en) 2017-02-22
US20170154186A1 (en) 2017-06-01
WO2015174285A1 (en) 2015-11-19
JPWO2015174285A1 (en) 2017-04-20

Legal Events

Date Code Title Description
AS Assignment

Owner name: SONY CORPORATION, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:WAKABAYASHI, MASAKI;REEL/FRAME:040579/0798

Effective date: 20160905

AS Assignment

Owner name: SONY SEMICONDUCTOR SOLUTIONS CORPORATION, JAPAN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SONY CORPORATION;REEL/FRAME:042993/0683

Effective date: 20170712

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: ADVISORY ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: ADVISORY ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4